Featured whitepapers: Privileged access auditing, and more

Ars occasionally combs through the latest whitepapers to spot the best and …

Many players in the tech industry publish topical whitepapers that include analysis and commentary on a wide range of issues that are relevant to technologists and IT overlords alike. Last month, we shared some papers about open-source security myths and enterprise training, and this week we have a few more for you.

Auditing privileged access and activity in Windows

A whitepaper from NetIQ looks at the growing need for automated monitoring software that can detect unauthorized activity and ensure compliance with the security audit requirements of various laws. The report notes that some of the greatest sources of security vulnerabilities faced by many organizations come from abuses of privileged user accounts. Such risks can be reduced, it says, by implementing effective real-time monitoring technologies that can provide automatic notifications.

The paper acknowledges that the Windows operating system includes built-in monitoring and logging capabilities, but points out that these aren't scalable enough to accommodate the needs of large organizations that have complex regulatory requirements. The report argues that third-party commercial solutions have the potential to be more cost-effective because they can provide end-to-end tracking and enforcement functionality that is designed to support regulatory compliance.

Security: The Wireless Revolution is Here

The second whitepaper comes from Motorola's Good Technology group and looks at ways to build wireless business platforms that include adequate security mechanisms. The report notes that mobile computing is rapidly becoming pervasive and that remote wireless access poses some unique security challenges for companies that want to make their business systems accessible across a range of handheld and mobile computing devices. The report looks at some Motorola solutions for a wide range of mobile security issues, including authentication, encryption, and dealing with lost or stolen devices.

ABCs of RFID: Understanding and Using Radio Frequency Identification

The third paper, which comes from Intermec, is a very informative introduction to RFID technology. It explains how RFID tags work and describes the various kinds of RFID reading and writing systems. It also provides a comparison of different RFID frequencies and explains the scenarios in which they are most appropriate, including vehicle identification, contactless payment, baggage tagging, and long-range identification. The paper also talks about RFID standards established by ISO and other bodies and looks at some of the untapped potential that could come from creative mashups that involve using RFID in conjunction with other technologies, such as temperature and shock sensors.

We have looked at some of the security, privacy, and legislative issues surrounding RFID in the past. Although the technology has many controversial aspects, it has a lot of really significant implications for supply chain management practices and other business processes. This paper will give you some good background and show how the technology is being used in real-world situations.

Full disclosure: we work with TradePub.com and other sources to identify the most interesting whitepapers. If you guys check them out, we make money. If we pick bad stuff and no one looks at it, we make zip. So it's in our interest to find the best stuff to share with you, but of course if you're not interested in this kind of material, we mark the headlines really clearly so it's easy to skip.